From a4c309a677a77ef73ee0b6ac87ebdba9ba1bad80 Mon Sep 17 00:00:00 2001
From: Devin Howard <devin@callysto.com>
Date: Fri, 18 Dec 2015 09:26:07 +0800
Subject: [PATCH] finish topic spec

---
 spec/models/topic_spec.rb | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/spec/models/topic_spec.rb b/spec/models/topic_spec.rb
index 17485803..d8ec84e8 100644
--- a/spec/models/topic_spec.rb
+++ b/spec/models/topic_spec.rb
@@ -4,6 +4,9 @@ RSpec.describe Topic, type: :model do
   it { is_expected.to belong_to :user }
   it { is_expected.to belong_to :metacode }
   it { is_expected.to have_many :maps }
+  it { is_expected.to have_many :mappings }
+  it { is_expected.to validate_presence_of :permission }
+  it { is_expected.to validate_inclusion_of(:permission).in_array Perm::ISSIONS.map(&:to_s) }
 
   context 'has_viewable_synapses function' do
     let (:user) { create(:user) }
@@ -48,6 +51,30 @@ RSpec.describe Topic, type: :model do
   end
 
   context 'permssions' do
-    pending "TODO"
+    let(:other_user) { create :user }
+    let(:topic) { create :topic, user: owner, permission: :commons }
+    let(:private_topic) { create :topic, user: owner, permission: :private }
+    let(:public_topic) { create :topic, user: owner, permission: :public }
+
+    it 'prevents deletion by non-owner' do
+      expect(topic.authorize_to_delete(other_user)).to eq false
+      expect(topic.authorize_to_delete(owner)).to eq topic
+    end
+
+    it 'prevents visibility if private' do
+      expect(topic.authorize_to_show(other_user)).to eq true
+      expect(topic.authorize_to_show(owner)).to eq true
+      expect(private_topic.authorize_to_show(owner)).to eq true
+      expect(private_topic.authorize_to_show(other_user)).to eq false
+    end
+
+    it 'only allows editing if commons or owned' do
+      expect(topic.authorize_to_edit(other_user)).to eq true
+      expect(topic.authorize_to_edit(owner)).to eq true
+      expect(private_topic.authorize_to_edit(other_user)).to eq false
+      expect(private_topic.authorize_to_edit(owner)).to eq true
+      expect(public_topic.authorize_to_edit(other_user)).to eq false
+      expect(public_topic.authorize_to_edit(owner)).to eq true
+    end
   end
 end